Web browsing history, a feature designed to enhance user convenience by styling visited links differently, has inadvertently become a privacy vulnerability exploited by attackers. While this functionality helps users navigate websites by visually distinguishing visited links, it also opens the…
Tag: Cyber Security News
Google Brings End-to-End Encryption for Gmail Business Users
Google has launched a new end-to-end encryption (E2EE) model for Gmail enterprise users, marking a significant advancement in email security that allows business customers to send fully encrypted emails to any recipient with minimal technical complexity. Announced on April 1,…
New Android Malware ‘Salvador Stealer’ That Phish & Steals Your Banking Details & OTPs
Cybersecurity researchers have discovered a sophisticated new Android malware called “Salvador Stealer” that targets banking credentials and one-time passwords (OTPs) through an elaborate phishing scheme. This multi-stage malware masquerades as legitimate banking applications to trick users into revealing sensitive financial…
Multiple Chrome Vulnerabilities Let Attackers Execute Arbitrary Code
Google has rolled out a critical security update for Chrome 135 across all desktop platforms. The update addresses fourteen vulnerabilities, including high-severity flaws that could enable remote code execution. The stable channel update (135.0.7049.52 for Linux, 135.0.7049.41/42 for Windows/macOS) comes…
Channel Triggered Backdoor Attack in Wireless Channels Let Attackers Read Passwords
Cybersecurity researchers have uncovered a sophisticated new attack method that exploits wireless communication channels to create covert backdoors, enabling threat actors to capture sensitive credentials without detection. This technique, dubbed “Channel Triggered Backdoor Attack,” manipulates subtle variations in wireless signals…
Hackers Actively Targeting SonicWall, Zoho, F5 & Ivanti Systems to Exploit Vulnerabilities
A significant surge in cyberattacks targeting enterprise network appliances and remote access tools has put global organizations on high alert. On March 28, 2025, GreyNoise observed a 300% increase in malicious activity directed at SonicWall firewalls, Zoho ManageEngine platforms, F5…
Exploiting Side-Channel Leakage Enable Successful Exploitations on The Latest Linux Kernel
In a concerning development for Linux kernel security, researchers have demonstrated how side-channel leakage in kernel defenses can be exploited to compromise even the latest Linux kernels. The technique, detailed in a USENIX Security paper, reveals how certain kernel defenses…
CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS
The Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories on April 1, 2025, highlighting significant vulnerabilities in critical infrastructure components. These advisories, ICSA-25-091-01 and ICSA-24-331-04, address security flaws in Rockwell Automation and Hitachi Energy products…
Sliver Framework Customized to Boost Evasion & Bypass EDR Detections
Sliver, a multi-platform Command & Control framework written entirely in Go, has gained significant traction in offensive security since its 2020 release. The framework provides red teams with powerful post-exploitation capabilities, but as its user base has expanded, detection has…
Python Officially Unveils New Standard Lock File Format to Improve Security
Python has officially standardized a lock file format with the acceptance of PEP 751 marking a significant milestone for the Python packaging ecosystem. The new format, named pylock.toml, addresses long-standing issues with dependency management by providing a standardized way to…